Your troubleshooting guide to the daily IT issues

Monday, February 9, 2015

Solving a potential DNS Scavenging Mess!
I used to work for a company that had a very large AD-Integrated DNS zone with more than 100,000 A records in it. We, the Engineering team, decided to enable DNS Scavenging in the zone to delete the stale records. In other words, records that for one reason or another, would not update themselves and the Timestamp was already older than what we wanted. We had a very mixed environment with mostly 65% of the computers were Macs and over 100 Linux servers. Although those machines were bound to the domain and were always connected to the network, many would still fail to update the records in DNS. This behavior caused an issue where the automatic Windows DNS Scavenging deleted legit records of our Linux servers and it caused and great problem. (Thank God for backups!).

I decided to come up with a workaround... Instead of using the default DNS Scavenging provided in DNS manager, I decided to write a Powershell script that would get the stale records from the zone and match them with the computer object in AD. Then use, the OperatingSystem field value of that computer object to decide whether I would delete the A record or not. In the end, you can have the script send you an email with the report so you can have a Windows scheduled task do that for you every Saturday or so!

Below is the code:

<#
Written by Mr. Hiraldo - Tips4teks.blogspot.com.
This script is provided AS IS and I am not responsible for any damages caused. Removing DNS records could be a problem on your network. Contact your administrator and REALLY think this through before using it.
#>
Import-Module activedirectory
#Change value DeletingEnabled to $true if you want to delete the Stale DNS Records
$DeletingEnabled = $true
Function DeleteDNSRecord($Record)
{
$Owner = $Record.OwnerName
$IPAddress = $Record.IPAddress

Tuesday, June 25, 2013

Recently, I was in the need to change the description on multiple Active Directory accounts that I had exported from an OU to CSV. They were over 500 so doing it one by one would have been a time consuming task. That's when I decided to do a simple by working script to accomplish this task.

I'm using Powershell but you can other languages such as VBS. I prefer Powershell because it's more robust yet simpler to use and understand and it's the future of Windows Scripting.

Here's the script:

############################################################### Change-Description-To-Users.ps1 ## Created by tips4teks.blogspot.com ## This script changes the description of AD accounts to whatever is specified # ##############################################################
Import-module ActiveDirectory#Declare the path to the CSV file where you have the accounts by Distinguished Name. #The first row of the column should be named "DistinguishedName" without quotes.
$CSV='C:\users-to-edit.csv'#Declare the new description that will be applied to all the accounts in the CSV file.
$Description='Account Disabled by tips4teks.blogspot.com'#Read the CSV file and change the description to each user object based on the parameters specified.import-csv -path $CSV | foreach-object { Set-ADUser -identity $_.DistinguishedName -Description $Description}

Thursday, January 10, 2013

Some enterprises lock down Lotus Notes settings via Domino Policies and occasionally, while troubleshooting, you may find out that certain settings are grayed out. If you don't have Domino Administrator rights to edit the policies, it may become problematic and you may be forced to remove the policies from the local machine.

How to remove Domino Policies from a Lotus Notes client.
It is important to know that the policies on a local Lotus Notes Client installation are saved on the names.nsf database so if you happened to recreate the names.nsf you most likely removed the policies with it.

If you want to remove the policies manually:

Open the main address book on the machine that you want to remove the policy from. Normally this is names.nsf.

Select the policies you may want to remove (In my case, I deleted them all) and click on "Delete Person" or simply the key "Delete" on your keyboard. You may get a prompt after that which you can click Yes.

After that, your locked down settings will be open until the Notes client gets the policy updates from the Domino Server.

Years ago, one of my users got the error: "Notes error: Special database object cannot be located" when trying to archive locally from her Lotus Notes. After I tried refreshing design template, views, emptying the trash with no success.

According to my old personal troubleshooting archive, I had read an article in the IBM forum, (the link is broken now) that said:"In this case, the issue occurred when the Advance archiving setting "Log all archiving activity into the log database" was selected and the archive log template, ARCHLG50.NTF, was either corrupted or missing. The issue was resolved by unchecking the option, "Log all archiving activity into the log database" and by adding or replacing the ARCHLG50.NTF file on the workstation."

After reading this, it made a lot of sense to me. However, the Lotus Notes Archive log template was on my users machine and I needed to keep a log in the machine so disabling the archiving activity on the machine wouldn't be a solution. Thankfully, I found out the solution shortly! The Archive Log NSF file was corrupted and I just needed to recreate it.How to recreate the archive log DB.

Tuesday, December 25, 2012

Some time ago, one of the users I support had an issue with the iTunes store. It wouldn't load at all and she would get a white screen and a spinning wheel trying to load the store. After having uninstalled and reinstalled iTunes with no luck, the IT muse enlightened me and I thought of resetting the Winsocks on Windows and Bingo! I got the issue resolved.

How to do a winsock reset

Open command prompt in elevated mode. (On Windows 7 and Above, click on the start menu type in CMD, right click on it and click on Run as administrator. On XP, click on Start - Run and type in CMD and hit OK ).

Saturday, December 22, 2012

Recently, I was helping a user whose computer wouldn't launch iTunes. This user had Windows 7 64 bits and I had already uninstalled iTunes and reinstalled the newest version of iTunes from the Apple site and yet the issue persisted. I had noticed that iTunesHelper.exe was running and that the process itunes.exe would also quickly launch and close itself so that told me there were some incompatibility issues with some other app or a service was not running.

Believe it or not the solution was uninstalling Quicktime! It looks like that computer had an old version of QuickTime that was no longer compatible with iTunes. After I uninstalled QuickTime, iTunes worked perfectly!